<?php
session_start();
require_once 'php_includes.php';

//Make sure logged in
checkLogin();
//Makes Sure the User is a manager
checkManager();
?>  

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <title>Payroll and Timesheet Management Website</title>
    <link rel="stylesheet" type="text/css" href="styles.css"/>
  </head>
  <body>
	<?php writeHeader(); ?>
	<p>
	<span class="pageheader">Add Employee Result</span><br/>
<?php
	
sqlConnect();
$con=sqlConnect();
$sql = 'select ManagerID from Employee where EmployeeID = ' . $_SESSION['tmsUserID']; 
	
// Perform Query
$sqlresult = sqlQuery($sql);

$result = mysql_result($sqlresult, 0, 0);


//Will check if the Id Exists already or not	
$check = mysql_num_rows(sqlQuery('select EmployeeID FROM Employee WHERE EmployeeID='. $_POST['userid']));

//If the ID exists already It will Exit and ask the user to go back.
if($check=="1")
{
exit("<font color=red> Employee ID Exists Already, Please click <a href=\"addemployee.php\">here</a> to go back. </font>");	
}
	else 
	{
	
	
	
	//Makes sure that the userId and Session User Id are not the same because only managers have same user ID and same ManagerID
	if ($_SESSION['tmsUserID'] == $_POST['userid'])
	{
		exit("<p>Illegal Action! Please choose a different Employee ID <br> Click <a href=\"addemployee.php\">here</a> to go back.</p>");
	}
	else
	{
//Checks if the user has entered values in all fields
if(empty($_POST['userid']) ||empty($_POST['password']))
{
exit("<p>You must enter values in all fields of the Add Employee form! <br> Click <a href=\"addemployee.php\">here</a> to go back.</p>");
}
else
{
mysql_select_db("titans", $con);	

//adds employee to database
$sql2="INSERT INTO Employee (EmployeeID, EmployeePassword, ManagerID)
VALUES
('$_POST[userid]','$_POST[password]','$result')";

if(!sqlQuery($sql2))
{
include("error.php");
exit();
}
else
{
echo "Employee added.<br> <p> Click <a href=\"addemployee.php\">here</a> to add another employee.</p> ";

//Close DB
sqlExit();
}
}
}
}
?> 
</body>
</html>
